[gnutls-devel] GnuTLS | call_legacy_cert_cb1 doesn't work when no certificates are returned by legacy_cert_cb1 (#528)

Hristo Venev gitlab at mg.gitlab.com
Mon Jul 23 22:14:10 CEST 2018

New Issue was created.

Issue 528: https://gitlab.com/gnutls/gnutls/issues/528
Author:    Hristo Venev

This bug was introduced in 9829ef9a3ca06d60472599df7c74ebb9a53f1fe2 (I think) and appears in version 3.6.3. 

When the legacy callback returns no certificates (st2.ncerts == 0, st2.cert == NULL), alloc_and_load_x509_certs returns NULL on line 397 in lib/cert-cred.c. This makes the function return GNUTLS_E_MEMORY_ERROR, which is then transformed to GNUTLS_E_USER_ERROR by call_cert_get_callback.

glib-networking 2.56 seems to always provide a callback for client connections, so this should break quite a lot.

Sorry if I'm slow to respond, my email client doesn't provide a client certificate, and I can't check my email.

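The failure mode described in the report, as an added example that is not part of the original message and not GnuTLS source: a simplified C model in which a helper returns NULL both for an empty certificate list and for allocation failure. All `model_*` names and error codes are constructed for illustration, and the second wrapper shows one way to accept an empty answer, not the project's actual fix.

```c
#include <stddef.h>
#include <stdlib.h>

/* Simplified model, not GnuTLS source; all names and codes are constructed. */
enum { MODEL_OK = 0, MODEL_E_MEMORY = -1, MODEL_E_INVALID = -2 };

typedef struct { int id; } model_cert;   /* stand-in for one certificate */
typedef struct { model_cert *certs; unsigned ncerts; } model_chain;

/* Returns NULL for an empty list as well as on allocation failure, so the
 * caller cannot tell "nothing to copy" from "out of memory". */
static model_cert *model_alloc_certs(const model_cert *src, unsigned n)
{
    if (src == NULL || n == 0)
        return NULL;
    model_cert *dst = calloc(n, sizeof(*dst));   /* calloc checks n * size */
    if (dst == NULL)
        return NULL;
    for (unsigned i = 0; i < n; i++)
        dst[i] = src[i];
    return dst;
}

/* Pattern from the report: every NULL is reported as a memory error. */
int model_wrap_ambiguous(const model_cert *src, unsigned n, model_chain *out)
{
    out->ncerts = 0;
    out->certs = model_alloc_certs(src, n);
    if (out->certs == NULL)
        return MODEL_E_MEMORY;
    out->ncerts = n;
    return MODEL_OK;
}

/* Alternative: settle the empty and malformed cases before allocating. */
int model_wrap_checked(const model_cert *src, unsigned n, model_chain *out)
{
    out->certs = NULL;
    out->ncerts = 0;
    if (n == 0)
        return MODEL_OK;              /* callback supplied no certificate */
    if (src == NULL)
        return MODEL_E_INVALID;       /* count without data */
    out->certs = model_alloc_certs(src, n);
    if (out->certs == NULL)
        return MODEL_E_MEMORY;        /* now only a real allocation failure */
    out->ncerts = n;
    return MODEL_OK;
}
```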